On Sat, 26 Jul 2003, Robert L Cochran wrote:
In an earlier posting I made on the Shrike list, I mentioned it is a
good idea to turn off mail relaying in sendmail. Someone responded that
the default sendmail implementation from Red Hat only listens for
connections on the local host, anyhow, so in effect why bother?
The best answer to that is that a substitute sendmail.cf file could be
inserted to the system maliciously at some point. You should not just
assume that sendmail is running with the actual Red Hat defaults, in
other words.
Substitution of sendmail.cf can be done without disturbing the
/etc/mail/sendmail.mc file. Then restart sendmail. Presto! Without quite
realizing it, the user's sendmail is listening for connections and is
suddenly an open relay.
Nope. Read /etc/init.d/sendmail and /etc/mail/Makefile. On RH, sendmail.cf
is automatically generated every time the daemon is restarted.
later,
chris